A poll of CA Technologies experts found inside threats to cloud security will continue to grow next year, but predicted 2011 would b the year IT security enabled cloud adoption on a broader scale. Company research suggested organizations would begin using behavioral analysis to predict threat from the inside. There is case study research in this area that examines the psychosocial factors that can contribute to an insider breach.
CA experts said this data could be used to create predictive models that correlate psychological profiles or behaviors to insider breaches or crime. For example, how an employee reacts to stress, financial and personal predisposition to conflict, rule violations and the propensity to hide them when they occur and chronic disgruntlement or strong reactions to organizational sanctions can all be indicators of risk for insider data breach. This data then could be used to step-up and tighten access and data usage rights.
“Throughout the year, industry events and new discoveries impact the security and operations of our organizations. In 2011, IT security professionals will need to step-up their battle against the insider threat and leverage Identity and Access Management to shift the view of security to that of an enabler for cloud adoption,” said Tim Brown, senior vice president and chief security architect with CA Technologies.
Brown noted a 2010 Verizon Data Breach Investigations Report, which showed that the percentage of breaches attributed to insiders more than doubled over the previous year to 46 percent; he said CA expects that trend to continue.
The report also concluded companies would improve information security by linking data and identities. “For years we have been protecting information – but doing it in a way that affects operational efficiencies and can still invite risk,” the report noted. “Organizations will realize the need to make access and information use policies identity-based. This realization ushers in next-generation Identity and Access Management (IAM) and makes IAM content-aware. Traditional IAM stops at the point of access; Content-Aware IAM goes a step further to not only help control identities and their access, but also control what they can do with the information based on their identity.”